Why the U.S. Army Needs a Modern Network Built on Zero Trust

Carl De Groote

Cisco

Area Vice President - U.S. Federal

It's no understatement to say that national security depends on the Army's network and that defending it against growing cyberthreats is a national imperative. That's why the Army is accelerating its push to modernize and consolidate its network. 

The Global Enterprise Modernization Software and Services (GEMSS) program is one of the key enablers of this drive. GEMSS is a partnership joining the Army, systems integration experts at World Wide Technology, and Cisco, the global network technology leader. It's a groundbreaking enterprise-level agreement that guarantees lowest possible pricing, simplifies licensing, and encompasses training and new security capabilities to enable modernization. 

With GEMSS, the door to an automated, software-defined, zero trust network as envisioned by Army leadership swings wide open. The result enables: 

• Seamless connections to the global cloud.
• Infinite scalability.
• Security controls enhanced by artificial intelligence.
• Analytics and performance monitoring tools that strengthen understanding and security.

U.S. Army Chief Information Officer Dr. Raj Iyer sees unifying the Army's 42 principal networks into a single enterprise system as one of the Army's top technology priorities. "Every one of our weapon systems platforms is now a sensor, collecting and integrating data," Iyer said in a December 2021 video interview. "It [is] really important for us to make sure we have the right networks in place . . . the unified network that brings together literally 42 different networks right here in the United States under a unified construct to enable interoperability and that seamless exchange of information across our networks."

Enabling that means focusing on protecting the data on the network rather than the network itself. As the Army's Digital Transformation Strategy makes clear: "The Army will rearchitect its networks, systems, and data to better take advantage of Zero Trust [ZT] principles and . . . fully implement Comply-to-Connect as part of the ZT Architecture to ensure that any device connected to the network is accredited and patched appropriately through compliance policies, and continually monitored to establish a trusted network." 

That trusted network will be the backbone of Army warfighting capability — from command and control, communications, and intelligence to manpower, operations and logistics.  

At Cisco, we understand these requirements precisely. Cisco invented internet switching more than 30 years ago and we're still at the forefront of modern network technology today. In fact, we're reinventing networking once again with software-defined network solutions that are more agile, flexible, and secure than the hardware solutions they replace. 

As a centralized enterprise contract program, GEMSS puts these cutting-edge capabilities within reach of virtually every Army command the world over. GEMSS encompasses all the software, services, training, and tools you need to modernize your piece of the Army enterprise network and to achieve the Army's goal of a global zero trust architecture.

Understanding Zero Trust

Zero Trust (ZT) security is a concept built on the idea that every network connection should be seen as a potential internal or external threat. Rather than accept the idea that some connections are beyond suspicion, ZT requires verification for every interaction and enforces the least possible privilege based on a dynamic evaluation of the trustworthiness of users, their devices, and the actions they are attempting on the network.

Cisco Digital Network Architecture (DNA) enables this sensible approach, providing the advanced virtualization, security, analytics, and automation needed to build a ZT network that can seamlessly connect garrison forces to the combat cloud and even the battlefield edge. Infinitely scalable, Cisco DNA enables enhanced network performance, security and visibility; systemwide collaboration; and dynamic resiliency in the face of advanced cyberthreats. 

Network managers can then use Cisco DNA Center to establish and enforce ZT policies—and simultaneously improve network performance with the help of continuous, real-time analytics. Cisco DNA Center gives you a unique window into your network operations, and it works seamlessly with Cisco's next-generation firewalls to ensure industry-leading breach detection and mitigation against malware, distributed denial-of-service (DDoS) attacks, and even insider threats. 

Because these capabilities are implemented through software, you gain real-time access and centralized control. You can see if policies are correctly applied, and if they aren't, you can fix them with a few clicks of a mouse. 

Just as important, these tools empower network operators to move out to enable Soldier-friendly initiatives like new Bring-Your-Own-Device (BYOD) and to deploy more modern communication and collaboration solutions throughout the network. The insights available through Cisco DNA Center puts advanced analytics and machine learning to work for you, so you know what's connecting to your network and that appropriate policies are in place for managing and protecting the U.S. Army's data. 

In a hostile world, your network and endpoints are under perpetual attack. Security is not something you can leave to blind faith in policy and enforcement. You need the power and speed of artificial intelligence and the modern capabilities envisioned by leveraging a zero trust approach. You need Cisco DNA. And fortunately for the Army, you've got GEMSS. 

To learn more and to sign up for training, licenses or other access, go to the Army Digital Modernization Community Page.